CVE-2006-6306 - OpenCVE

Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:H/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Novell	Client

Configuration 1 [-]

OR	cpe:2.3:a:novell:client:4.91:sp2::::::
	cpe:2.3:a:novell:client:4.91:sp3::::::

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html	Vendor Advisory
http://secunia.com/advisories/23363
http://securityreason.com/securityalert/1970
http://securitytracker.com/id?1017377
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm
http://www.layereddefense.com/Novell01DEC.html	Vendor Advisory
http://www.securityfocus.com/archive/1/453176/100/0/threaded
http://www.vupen.com/english/advisories/2006/4987
https://exchange.xforce.ibmcloud.com/vulnerabilities/30644
https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-05T11:00:00

Updated: 2018-10-17T20:57:01

Reserved: 2006-12-05T00:00:00

Link: CVE-2006-6306

JSON object: View

NVD Information

Status : Modified

Published: 2006-12-05T11:28:00.000

Modified: 2018-10-17T21:47:42.097

Link: CVE-2006-6306

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-01T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1970", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1970"}, {"name": "1017377", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017377"}, {"name": "ADV-2006-4987", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4987"}, {"name": "23363", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23363"}, {"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"}, {"name": "novell-nmas-format-string(30644)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.layereddefense.com/Novell01DEC.html"}, {"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6306", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1970", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1970"}, {"name": "1017377", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017377"}, {"name": "ADV-2006-4987", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4987"}, {"name": "23363", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23363"}, {"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"}, {"name": "novell-nmas-format-string(30644)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"}, {"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm", "refsource": "CONFIRM", "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"}, {"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm", "refsource": "CONFIRM", "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"}, {"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html", "refsource": "CONFIRM", "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"}, {"name": "http://www.layereddefense.com/Novell01DEC.html", "refsource": "MISC", "url": "http://www.layereddefense.com/Novell01DEC.html"}, {"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6306", "datePublished": "2006-12-05T11:00:00", "dateReserved": "2006-12-05T00:00:00", "dateUpdated": "2018-10-17T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*", "matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*", "matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."}, {"lang": "es", "value": "Vulnerabilidad de cadena de formato en Novell Modular Authentication Services (NMAS) en Novell Client 4.91 SP2 y SP3 permite a usuarios con acceso f\u00edsico leer el contenido de la memoria y de la pila mediante especificadores de cadenas de formato en el campo Username de la ventana de inicio de sesi\u00f3n."}], "id": "CVE-2006-6306", "lastModified": "2018-10-17T21:47:42.097", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-05T11:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23363"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1970"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017377"}, {"source": "cve@mitre.org", "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"}, {"source": "cve@mitre.org", "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.layereddefense.com/Novell01DEC.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4987"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"}, {"source": "cve@mitre.org", "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}